BETTER TECH GOVERNANCE IS BETTER FOR BUSINESS
|
|
- Agatha Cunningham
- 6 years ago
- Views:
Transcription
1 1 Better Tech Governance is Better for Business BETTER TECH GOVERNANCE IS BETTER FOR BUSINESS AN ISACA RESEARCH REPORT
2 2 Better Tech Governance is Better for Business Non-stop cyber-threats and ongoing digital transformation of business have elevated governance of technology into boardrooms across the globe. How are senior leaders handling their growing responsibility for effective oversight of all things digital? To better understand the issues, attitudes, and actions, ISACA conducted a worldwide survey in the summer of 2017 of 732 board members, C-suite executives, managers, and professionals in a wide range of industries and company sizes. Key findings suggest mixed success in translating heightened recognition of the importance of technology governance into effective action. On the plus side: Less favorably: 9 in 10 senior leaders surveyed agree that better governance of information technology leads to better economic outcomes and more business agility. More than two-thirds of all respondents say their company s top leaders need to prioritize strengthening connections between IT and business goals. 2/3 Two-thirds of organizations polled have increased spending on risk management in the past year. Barely more than half agree that their boards and executive teams are doing all they can to safeguard the organization s digital assets. These disconnects and other findings in this research suggest a governance gap is developing just as the fast-moving business landscape makes it more crucial than ever for organizations to implement effective policies, controls and best practices that maximize technology benefits and minimize risks. How can organizations use the significant power and influence of top leadership to more effectively leverage technology? This research identifies valuable actions and priorities for successfully navigating the transition to stronger corporate governance of technology.
3 3 Better Tech Governance is Better for Business Hopeful New Captains of the IT Vessel ISACA and others have long promoted governance as a critical way to manage IT resources, performance, and risk. Success stories of improved business-it alignment at Grupo Bancolombia and GlaxoSmithKline freeing IT resources for the most productive projects fueled worldwide interest in senior executives establishing strategies, structures and measurements to boost business results. Now, after years of being perceived mostly as an IT concern, governance has advanced to a board-level issue. Among the many reasons, failure of many tech investments to deliver business returns, the expanding cyber attack surface accelerated by a proliferation of connected devices, and intense new focus on regulatory and audit compliance created by a complex new technology challenges. Today, belief that better corporate IT governance is good for business has become nearly universal among executives, the ISACA survey shows (Figure 1). Strong Belief in Governance (Figure 1) Leadership teams agree that better IT governance leads to two things in particular: 92% 89% Better economic {outcomes More business {agility Senior leaders express belief that better governance of technology will help their organizations run more leanly and efficiently, become more responsive to customers and partners, and better link spending to demonstrable ROI. Many also strongly agree that better governance makes organizations more agile. Enabling mobility, using cloud-based services and applications, better targeting and personalizing marketing, and effectively using big data and analytics to make faster and better business decisions all are powerful ways to quickly respond to or create new market opportunities. Executive optimism is backed by ample industry evidence. According to Cognizant, an IT consulting firm, effective IT governance maximizes a company s business value in several measurable ways from better project prioritization to improved performance and higher quality IT output.
4 4 Better Tech Governance is Better for Business Tyro Payments Ltd, a Sydney, Australia-based financial technology company that has been responsible for AUS $36.8 billion in transactions, is a case in point. Technology and governance have been fully embedded into the business since the company s launch in The company uses agile development techniques, built a core banking platform (for which it was granted an unrestricted banking license,) and tracks cyber security and enterprise risk management issues through a management risk committee. The Tyro case is replicated throughout the globe. A new research paper by MIT and The Swiss Finance Institute found that share prices of better-governed public companies were 5% higher than those with weaker controls. Boards in the Know (Figure 2) How often is your senior leadership briefed about risk topics such as cyber security and disaster recovery/business continuity? 21% 39% 34% 6% at every senior leadership/board meeting at some senior leadership/board meetings as needed never/don t know The good news is that advocates of strong technology governance now have seemingly enthusiastic allies in high places. They will be needed. The ISACA research revealed two important areas of concern widely voiced across all industries, including other studies. First is the poor IT and business alignment that stubbornly persists in many organizations. Some 69% of ISACA survey respondents say leadership and boards should make establishing a clear link between the two a top priority. The second is cyber threats. Cyber Security Job #1 More than anything, cyber security has put governance of technology on the board agenda. According to the FBI, U.S. financial loss from cybercrime exceeded US $1.3 billion in Worldwide, data breaches and other attacks will cost businesses $2.1 trillion by 2019, projects Juniper Research, a four-fold increase since Experts say only about 15% of cybercrime is reported, so actual losses are surely much higher.
5 5 Better Tech Governance is Better for Business Leaders understand that the same hyper-connected environment that enables boundless opportunity also presents a major source of risk that threatens profitability and even survival. Prominent cyber attacks such as WannaCry in May, Petya in June, and Equifax in September raised awareness and fears worldwide. The business-damaging, career-ending potential of such attacks is not lost on senior leadership. Asked about the top corporate governance technological challenge and opportunity faced by senior leaders, 44% of survey respondents named cyber security policies and defenses, followed closely by risk management (Figure 3). Top Governance Challenges and Opportunities (Figure 3) Top 3 most significant governance challenges in the next 12 months. Answer Choices Cyber security policies and defenses % 44% Risk management priorities 36% Alignment between IT objectives and overall enterprise objectives 35% Note: Up to three choices allowed Boardroom worries over increased internal and external threats are so great (61%) that almost half (48%) of leadership teams have prioritized investments in cyber-defense improvements over other programs, including digital transformation and cloud. That makes sense; in another recent ISACA survey, 53% of organizations reported an increase in attacks in 2016, with 80% saying it is either likely or very likely that they will be attacked this year. Despite these expressions of concern, troubling gaps between executive attitudes and effective actions were voiced clearly by current survey respondents. Only 55% say their organization s leadership team board is doing everything it can to safeguard their organization s digital assets and data. Reasons for doubt vary. Only 1 in 3 organizations say they assess risk related to technology use at least monthly. Unfortunately, all signs point to continued escalation of attacks for the foreseeable future. Insiders, hacktivists, criminals, terrorists, and nation states pose a dizzying range of new threats, from cyber-extortion to attacking cloud services and devices connected to the Internet of Things (IoT). Hacking, malware, phishing, social engineering, botnets, and stolen user credentials remain potent dangers.
6 6 Better Tech Governance is Better for Business The connection between cyber security and a company s bottom line is clear to board members and they re worried, with good cause. A recent British report found that a publicly reported cyber-attack can cause a drop of 15% in company share prices. Such high stakes and pressure from a wide variety of external and internal stakeholders ensure senior leadership teams will continue to make cyber defense a top priority. One of the key reasons boards must offer strong oversight of cyber security is that it sets the tone for the rest of the organization. An active and engaged board will consider initiatives advocated by cyber security leaders across the organization. Data Protection (Figure 4) Do you agree or disagree that your senior leadership or board of directors is doing everything it can to safeguard your organization s digital assets and data records? 55% 21% 24% Agree Disagree Neither agree/disagree or don t know Responses have been rounded to the nearest whole number and may not add up to 100 percent. Topping the Governance Agenda Besides identifying key strategies for improving governance, this research also revealed several areas both respondents and experts say deserve more boardroom attention. Governance Frameworks If there s a secret weapon against technology performance gaps, it s governance frameworks. Adoption of a structured framework like ISACA s COBIT, used by 28% of respondents, provides a proven way for senior leaders to create conditions needed for effective governance: alignment between IT and stakeholders, monitoring and metrics, and strong engagement by business units and tech leaders (Figure 5).
7 7 Better Tech Governance is Better for Business Success Factors (Figure 5) Which conditions must be present for senior leadership to demonstrate effective IT governance? Answer Choices Ensuring alignment between IT and stakeholder needs % 58% Monitoring and measuring results toward goals 39% Strong Chairman, CEO or executive guidance 33% Strong engagement by business units, employees CIO and/or CISO should be on the board Prioritizing financial investment in governance Utilizing appropriate frameworks 30% 23% 20% 19% Note: Up to three choices allowed Frameworks also short-circuit the most-oft cited governance weaknesses: Infrequent board briefings on risk topics (only 21% do so at every meeting) and spotty risk assessment (only one-third do monthly). Fortunately, most organizations surveyed already use governance frameworks. However, for many, there s some disconnect between widespread adoption and results. That suggests the need to deepen commitment and continue training with certified experts who can help organizations and boards get maximum benefit from these powerful tools. Compliance Besides identifying key strategies for improving governance, this research also revealed several areas both respondents and experts say deserve more boardroom attention. As new cyber security and privacy rules come into force worldwide, strategic consultants advise corporate directors and leaders to reassess how they exercise their governance responsibilities for handling cyber risk and compliance. For those boards that do business globally but need a stronger incentive, EU General Data Protection Regulation (GDPR) looms largest. Effective May 2018, the law mandates a 72-hour breach notification, appointment of a company Data Protection Officer, and major fines for mishandled data.
8 8 Better Tech Governance is Better for Business Of concern, only 32% of companies affected are satisfied with the progress they ve made to prepare for GDPR, the ISACA research found. More than one third (35%) of respondents are unsure of the progress their organization has made to prepare for GDPR. There s hope for improvement; a recent PwC survey found more than half of US. multinationals consider GDPR their top data protection priority, with 77% planning to spend more than $1 million or more. Security Training Topping the priority list in some organizations is data security training. More than 1 in 3 (35%) respondents intend to increase budgets for employee awareness and skills education. The security training investment often ranges from $1,000- $2,500 per person, another ISACA survey found. More companies may boost their security training allocations if the proposed US Cyber Security Disclosure Act of 2017 passes Congress, because it requires at least one board member of a public company to be expert in security, or explain why other new measures make doing so unnecessary. Our survey found a small (15%) but undoubtedly leading-edge number of respondents investing more money in training board members on a variety of security issues. Strategic Investing Strong board oversight is critical in ensuring investments in people and equipment strategically align with enterprise goals. By that standard, the ISACA survey signals good news. Some 64% are prioritizing and increasing funding for enterprise cyber security and risk-related programs for next year; 25% are investing in upgrading perimeter defense. Hire Women To better meet the technology-driven challenges they face, organizations need to draw upon a more robust workforce. For many, that means hiring and training more women. In this regard, many companies surveyed are, unfortunately, lacking. Only 27% reported an increase in female technology workers over last year. (Figure 6) Spencer Stuart reports that only 20% of S&P 500 board members are women, so bringing in more qualified tech workers, especially in security, will require company-wide commitment from all. In the ISACA research, only 42% of respondents say that women are equally represented in senior levels at their organization.
9 9 Better Tech Governance is Better for Business Hiring More Female Tech Workers (Figure 6) Are there more female technology employees in your organization this year than there were one year ago? { yes no{ don t { know 27% 54% 19% Next Steps Better governance helps organizations maximize benefits and minimize risks in a fast-changing technology environment. To be effective, strong awareness and appreciation by top leadership must be converted into focused, meaningful action. Organizations must prioritize recruiting of tech-savvy board members and executives, while continually ensuring that technology priorities and investments are better aligned to overall enterprise strategy. Good foundational work has begun, but ongoing effort is needed to translate awareness into real business benefits and secure environments. The boardroom must become hyper-vigilant in ensuring a tight linkage between business goals and IT goals, fully leveraging business technology to improve business outcomes while diligently safeguarding the organization s digital assets, said Matt Loeb, CEO of ISACA. The message from our research is clear: there is much work to do in information and technology governance. Committing to a boardroom with technology savvy and experience strongly represented provides the needed foundation for organizations to effectively and securely innovate through technology. Analyze enterprise risks if security budget shrinks Ensure tech expertise is represented in boardroom Conduct continuous security awareness training Align tech investments with enterprise strategy Research and employ industry best practices and security controls
10 10 Better Tech Governance is Better for Business About ISACA s Better Tech Governance Is Better for Business Research Believed to be the first of its kind in the industry, the online survey of ISACA members was conducted in the summer of 2017 and included 732 respondents from 87 countries spanning Africa, Asia, Europe, Latin American, Middle East, North America, and Oceania. Respondents all hold leadership roles with working knowledge of how their organization s senior leadership and/or board of directors decides its IT strategy, plans or governance. The majority of respondents hold titles of CEO, CIO, CTO, CISO, CSO, Executive VP, Security Executive, Executive Manager, General Auditor, Partner, and Audit Head. Respondents organizations spanned government, military and a range of industries including financial/banking, technology services, manufacturing/engineering, health care/ medical, insurance and retail.
THE POWER OF TECH-SAVVY BOARDS:
THE POWER OF TECH-SAVVY BOARDS: LEADERSHIP S ROLE IN CULTIVATING CYBERSECURITY TALENT SHANNON DONAHUE DIRECTOR, INFORMATION SECURITY PRACTICES 1 IT S A RISK-BASED WORLD: THE 10 MOST CRITICAL UNCERTAINTIES
More informationPONEMON INSTITUTE RESEARCH REPORT 2018 STUDY ON GLOBAL MEGATRENDS IN CYBERSECURITY
PONEMON INSTITUTE RESEARCH REPORT 2018 STUDY ON GLOBAL MEGATRENDS IN CYBERSECURITY Benchmark research sponsored by Raytheon. Independently conducted by Ponemon Institute LLC. February 2018 2018 Study on
More informationTurning Risk into Advantage
Turning Risk into Advantage How Enterprise Wide Risk Management is helping customers succeed in turbulent times and increase their competitiveness Glenn Tjon Partner KPMG Advisory Presentation Overview
More informationSecurity and Privacy Governance Program Guidelines
Security and Privacy Governance Program Guidelines Effective Security and Privacy Programs start with attention to Governance. Governance refers to the roles and responsibilities that are established by
More informationISACA GEEK WEEK SECURITY MANAGEMENT TO ENTERPRISE RISK MANAGEMENT USING THE ISO FRAMEWORK AUGUST 19, 2015
ISACA GEEK WEEK SECURITY MANAGEMENT TO ENTERPRISE RISK MANAGEMENT USING THE ISO 27001 FRAMEWORK AUGUST 19, 2015 Agenda Coalfire Overview Threat Landscape What is ISO Why ISO ISO Cycle Q&A 2 Presenters
More information2015 VORMETRIC INSIDER THREAT REPORT
Research Conducted by Research Analyzed by 2015 VORMETRIC INSIDER THREAT REPORT Trends and Future Directions in Data Security GLOBAL EDITION #2015InsiderThreat EXECUTIVE PERSPECTIVE 1 INSIDER THREATS:
More informationTo Audit Your IAM Program
Top Five Reasons To Audit Your IAM Program Best-in-class organizations are auditing their IAM programs - are you? focal-point.com Introduction Stolen credentials are the bread and butter of today s hacker.
More informationEnhancing the Cybersecurity of Federal Information and Assets through CSIP
TECH BRIEF How BeyondTrust Helps Government Agencies Address Privileged Access Management to Improve Security Contents Introduction... 2 Achieving CSIP Objectives... 2 Steps to improve protection... 3
More informationOVERVIEW BROCHURE GRC. When you have to be right
OVERVIEW BROCHURE GRC When you have to be right WoltersKluwerFS.com In response to today s demanding economic and regulatory climate, many financial services firms are transforming operations to enhance
More informationBuilding a Threat Intelligence Program
WHITE PAPER Building a Threat Intelligence Program Research findings on best practices and impact www. Building a Threat Intelligence Program 2 Methodology FIELD DATES: March 30th - April 4th 2018 351
More informationKey Findings from the Global State of Information Security Survey 2017 Indonesian Insights
www.pwc.com/id Key Findings from the State of Information Security Survey 2017 n Insights Key Findings from the State of Information Security Survey 2017 n Insights By now, the numbers have become numbing.
More informationCredit Union Cyber Crisis: Gaining Awareness and Combatting Cyber Threats Without Breaking the Bank
Credit Union Cyber Crisis: Gaining Awareness and Combatting Cyber Threats Without Breaking the Bank Introduction The 6,331 credit unions in the United States face a unique challenge when it comes to cybersecurity.
More informationRisk Advisory Academy Training Brochure
Academy Brochure 2 Academy Brochure Cyber Security Our Cyber Security trainings are focused on building your internal capacity to leverage IT related technologies more confidently and manage risk and uncertainty
More informationSECURING THE UK S DIGITAL PROSPERITY. Enabling the joint delivery of the National Cyber Security Strategy's objectives
SECURING THE UK S DIGITAL PROSPERITY Enabling the joint delivery of the National Cyber Security Strategy's objectives 02 November 2016 2 SECURING THE UK S DIGITAL PROSPERITY SECURING THE UK S DIGITAL PROSPERITY
More informationEvaluating Cybersecurity Coverage A Maturity Model. Presented to: ISACA Charlotte Chapter Vision for IT Audit 2020 Symposium
Discussion on: Evaluating Cybersecurity Coverage A Maturity Model Presented to: ISACA Charlotte Chapter Vision for IT Audit 2020 Symposium By: Eric C. Lovell PricewaterhouseCoopers LLP ( PwC ) March 24,
More informationBringing cyber to the Board of Directors & C-level and keeping it there. Dirk Lybaert, Proximus September 9 th 2016
Bringing cyber to the Board of Directors & C-level and keeping it there Dirk Lybaert, Proximus September 9 th 2016 Dirk Lybaert Chief Group Corporate Affairs We constantly keep people connected to the
More informationKNOWLEDGE GAPS: AI AND MACHINE LEARNING IN CYBERSECURITY. Perspectives from U.S. and Japanese IT Professionals
KNOWLEDGE GAPS: AI AND MACHINE LEARNING IN CYBERSECURITY Perspectives from U.S. and ese IT Professionals Executive Summary The use of artificial intelligence (AI) and machine learning (ML) in cybersecurity
More informationIMPLEMENTING SECURITY, PRIVACY, AND FAIR DATA USE PRINCIPLES
IMPLEMENTING SECURITY, PRIVACY, AND FAIR DATA USE PRINCIPLES Introductions Agenda Overall data risk and benefit landscape / shifting risk and opportunity landscape and market expectations Looking at data
More informationFlorida Government Finance Officers Association. Staying Secure when Transforming to a Digital Government
Florida Government Finance Officers Association Staying Secure when Transforming to a Digital Government Agenda Plante Moran Introductions Technology Pressures and Challenges Facing Government Technology
More informationCybersecurity and the Board of Directors
Cybersecurity and the Board of Directors Key Findings from BITS/FSR Meetings OVERVIEW Board directors are increasingly required to engage in cybersecurity risk management yet some may need better education
More informationDIGITAL TRANSFORMATION IN FINANCIAL SERVICES
DIGITAL TRANSFORMATION IN FINANCIAL SERVICES Global Priorities, Progress, and Obstacles Insights from business and IT executives at financial services institutions worldwide reveal that while digital transformation
More informationPresented by Ingrid Fredeen and Pamela Passman. Copyright 2017NAVEXGlobal,Inc. AllRightsReserved. Page 0
Cyber Security and Inside Threats: Turning Policies into Practices Presented by Ingrid Fredeen and Pamela Passman Copyright 2017NAVEXGlobal,Inc. AllRightsReserved. Page 0 Presented By Ingrid Fredeen, J.D.
More informationCanada Highlights. Cybersecurity: Do you know which protective measures will make your company cyber resilient?
Canada Highlights Cybersecurity: Do you know which protective measures will make your company cyber resilient? 21 st Global Information Security Survey 2018 2019 1 Canada highlights According to the EY
More information2017 RIMS CYBER SURVEY
2017 RIMS CYBER SURVEY This report marks the third year that RIMS has surveyed its membership about cyber risks and transfer practices. This is, of course, a topic that only continues to captivate the
More informationThe State of Cybersecurity and Digital Trust 2016
The State of Cybersecurity and Digital Trust 2016 Identifying Cybersecurity Gaps to Rethink State of the Art Executive Summary Executive Summary While the advent of digital technology has fueled new business
More informationSecuring Your Digital Transformation
Securing Your Digital Transformation Security Consulting Managed Security Leveraging experienced, senior experts to help define and communicate risk and security program strategy using real-world data,
More informationINTELLIGENCE DRIVEN GRC FOR SECURITY
INTELLIGENCE DRIVEN GRC FOR SECURITY OVERVIEW Organizations today strive to keep their business and technology infrastructure organized, controllable, and understandable, not only to have the ability to
More informationDriving Global Resilience
Driving Global Resilience Steve Mellish FBCI Chairman, The Business Continuity Institute Monday December 2nd, 2013 Business & IT Resilience Summit New Delhi, India Chairman of the Business Continuity Institute
More informationPredictive Insight, Automation and Expertise Drive Added Value for Managed Services
Sponsored by: Cisco Services Author: Leslie Rosenberg December 2017 Predictive Insight, Automation and Expertise Drive Added Value for Managed Services IDC OPINION Competitive business leaders are challenging
More informationRisk: Security s New Compliance. Torsten George VP Worldwide Marketing and Products, Agiliance Professional Strategies - S23
Risk: Security s New Compliance Torsten George VP Worldwide Marketing and Products, Agiliance Professional Strategies - S23 Agenda Market Dynamics Organizational Challenges Risk: Security s New Compliance
More informationIBM Security Systems. IBM X-Force 2012 & CISO Survey. Cyber Security Threat Landscape IBM Corporation IBM Corporation
IBM X-Force 2012 & CISO Survey Cyber Security Threat Landscape 1 2012 IBM Corporation IBM X-Force 2011 Trend and Risk Report Highlights The mission of the IBM X-Force research and development team is to:
More informationBRING EXPERT TRAINING TO YOUR WORKPLACE.
BRING EXPERT TRAINING TO YOUR WORKPLACE. ISACA s globally respected training and certification programs inspire confidence that enables innovation in the workplace. ISACA s On-Site Training brings a unique
More information2017 Trends in Security Metrics and Security Assurance Measurement Report A Survey of IT Security Professionals
2017 Trends in Security Metrics and Security Assurance Measurement Report A Survey of IT Security Professionals Sponsored by Contents Introduction....3 Key Takeaways from the 2017 Report:....3 Security
More informationSELLING YOUR ORGANIZATION ON APPLICATION SECURITY. Navigating a new era of cyberthreats
SELLING YOUR ORGANIZATION ON APPLICATION SECURITY Navigating a new era of cyberthreats Selling Your Organization on Application Security 01 It's no secret that cyberattacks place organizations large and
More informationSYMANTEC: SECURITY ADVISORY SERVICES. Symantec Security Advisory Services The World Leader in Information Security
SYMANTEC: SECURITY ADVISORY SERVICES Symantec Security Advisory Services The World Leader in Information Security Knowledge, as the saying goes, is power. At Symantec we couldn t agree more. And when it
More informationSecurity-as-a-Service: The Future of Security Management
Security-as-a-Service: The Future of Security Management EVERY SINGLE ATTACK THAT AN ORGANISATION EXPERIENCES IS EITHER ON AN ENDPOINT OR HEADING THERE 65% of CEOs say their risk management approach is
More informationSecurity Awareness Training Courses
Security Awareness Training Courses Trusted Advisor for All Your Information Security Needs ZERODAYLAB Security Awareness Training Courses 75% of large organisations were subject to a staff-related security
More informationInstitute of Internal Auditors 2019 CONNECT WITH THE IIA CHICAGO #IIACHI
Institute of Internal Auditors 2019 CONNECT WITH THE IIA CHICAGO CHAPTER: @IIACHI #IIACHI WWW.FACEBOOK.COM/IIACHICAGO HTTPS://WWW.LINKEDIN.COM/GROUPS/1123977 1 CAE Communications and Common Audit Committee
More informationState Governments at Risk: State CIOs and Cybersecurity. CSG Cybersecurity and Privacy Policy Academy November 2, 2017
State Governments at Risk: State CIOs and Cybersecurity CSG Cybersecurity and Privacy Policy Academy November 2, 2017 About NASCIO National association representing state chief information officers and
More informationSymantec Data Center Transformation
Symantec Data Center Transformation A holistic framework for IT evolution As enterprises become increasingly dependent on information technology, the complexity, cost, and performance of IT environments
More informationCyber Risks in the Boardroom Conference
Cyber Risks in the Boardroom Conference Managing Business, Legal and Reputational Risks Perspectives for Directors and Executive Officers Preparing Your Company to Identify, Mitigate and Respond to Risks
More information2017 THALES DATA THREAT REPORT
2017 THALES DATA THREAT REPORT Trends in Encryption and Data Security FINANCIAL SERVICES EDITION www.thales-esecurity.com 2017 THALES DATA THREAT REPORT TRENDS IN ENCRYPTION AND DATA PROTECTION U.S. U.K.
More informationA Global Look at IT Audit Best Practices
A Global Look at IT Audit Best Practices 2015 IT Audit Benchmarking Survey March 2015 Speakers Kevin McCreary is a Senior Manager in Protiviti s IT Risk practice. He has extensive IT audit and regulatory
More informationCERTIFIED IN THE GOVERNANCE OF ENTERPRISE IT CGEIT AFFIRM YOUR STRATEGIC VALUE AND CAREER SUCCESS
CERTIFIED IN THE GOVERNANCE OF ENTERPRISE IT CGEIT AFFIRM YOUR STRATEGIC VALUE AND CAREER SUCCESS Good IT governance is a key element of a well-performing enterprise. Enterprises need qualified information
More informationCybersecurity. Securely enabling transformation and change
Cybersecurity Securely enabling transformation and change Contents... Cybersecurity overview Business drivers Cybersecurity strategy and roadmap Cybersecurity in practice CGI s cybersecurity offering Why
More informationUncovering the Risk of SAP Cyber Breaches
Uncovering the Risk of SAP Cyber Breaches Research sponsored by Onapsis Independently Conducted by Ponemon Institute LLC February 2016 1 Part 1. Introduction Uncovering the Risks of SAP Cyber Breaches
More informationGEORGIA CYBERSECURITY WORKFORCE ACADEMY. NASCIO 2018 State IT Recognition Awards
GEORGIA CYBERSECURITY WORKFORCE ACADEMY NASCIO 2018 State IT Recognition Awards Title: Georgia Cybersecurity Workforce Academy Category: Cybersecurity State: Georgia Contact: Stanton Gatewood Stan.Gatewood@gta.ga.gov
More informationIntegrating Cyber Security with Business Continuity Management to Build the Resilient Enterprise
February 11 14, 2018 Gaylord Opryland Resort and Convention Center, Nashville #DRI2018 Integrating Cyber Security with Business Continuity Management to Build the Resilient Enterprise Tejas Katwala CEO
More informationPREPARE FOR TAKE OFF. Accelerate your organisation s journey to the Cloud.
PREPARE FOR TAKE OFF Accelerate your organisation s journey to the Cloud. cloud. Contents Introduction Program & Governance BJSS Cloud Readiness Assessment: Intro Platforms & Development BJSS Cloud Readiness
More informationSage Data Security Services Directory
Sage Data Security Services Directory PROTECTING INFORMATION ASSETS ENSURING REGULATORY COMPLIANCE FIGHTING CYBERCRIME Discover the Sage Difference Protecting your business from cyber attacks is a full-time
More informationTHALES DATA THREAT REPORT
2018 THALES DATA THREAT REPORT Trends in Encryption and Data Security U.S. FEDERAL EDITION EXECUTIVE SUMMARY #2018DataThreat THE TOPLINE Federal agency data is under siege. Over half of all agency IT security
More informationIncentives for IoT Security. White Paper. May Author: Dr. Cédric LEVY-BENCHETON, CEO
White Paper Incentives for IoT Security May 2018 Author: Dr. Cédric LEVY-BENCHETON, CEO Table of Content Defining the IoT 5 Insecurity by design... 5 But why are IoT systems so vulnerable?... 5 Integrating
More informationISACA MOSCOW CHAPTER Chapter meeting 22 September 2016
ISACA MOSCOW CHAPTER Chapter meeting 22 September 2016 Introduction Special guest speaker ISACA Audit committee member, Rosemary Amato Open dialog Wrap-up and close Special guest speaker CISA, CMA, CPA,
More informationBREAKING BARRIERS TO COLLABORATE WITH THE C-SUITE
BREAKING BARRIERS TO COLLABORATE WITH THE C-SUITE 31st Annual SoCal ISSA Security Symposium Wendy T. Wu Vice President Agenda + CISO: Then and Now + Who are the Stakeholders and What Do They Care About?
More informationTHALES DATA THREAT REPORT
2018 THALES DATA THREAT REPORT Trends in Encryption and Data Security INDIA EDITION EXECUTIVE SUMMARY #2018DataThreat THE TOPLINE Rising risks for sensitive data in India In India, as in the rest of the
More informationPAIN AND PROGRESS THE RSA CYBERSECURITY AND BUSINESS RISK STUDY
WHITEPAPER PAIN AND PROGRESS THE RSA CYBERSECURITY AND BUSINESS RISK STUDY CONTENTS Executive Summary........................................ 3 The Cybersecurity and Business Risk Survey..........................
More informationDecember 10, Statement of the Securities Industry and Financial Markets Association. Senate Committee on Banking, Housing, and Urban Development
December 10, 2014 Statement of the Securities Industry and Financial Markets Association Senate Committee on Banking, Housing, and Urban Development Hearing Entitled Cybersecurity: Enhancing Coordination
More informationSmart Data Center From Hitachi Vantara: Transform to an Agile, Learning Data Center
Smart Data Center From Hitachi Vantara: Transform to an Agile, Learning Data Center Leverage Analytics To Protect and Optimize Your Business Infrastructure SOLUTION PROFILE Managing a data center and the
More informationMid-Market Data Center Purchasing Drivers, Priorities and Barriers
Mid-Market Data Center Purchasing Drivers, Priorities and Barriers Featuring Sophia Vargas, Forrester Research Inc. 30 May 2014 Introducing today s presenters: Matt Miszewski Senior Vice President of Sales
More informationOperationalizing Cybersecurity in Healthcare IT Security & Risk Management Study Quantitative and Qualitative Research Program Results
Operationalizing Cybersecurity in Healthcare - - 2017 IT Security & Risk Management Study Quantitative and Qualitative Research Program Results David S. Finn, CISA, CISM, CRISC Health IT Officer, Symantec
More informationCybersecurity Perspectives 2018 THE DATA BREACH EFFECT
Cybersecurity Perspectives 2018 THE DATA BREACH EFFECT Table of Contents Introduction 3 Key Findings 4 Big Breaches Force Change 5 Breaches, Hackers and Data Privacy Are Top Concern 6 Cloud Investments
More informationSecuring the User: Winning Hearts & Minds to Drive Secure Behavior
Securing the User: Winning Hearts & Minds to Drive Secure Behavior Thomas Skill, CIO University of Dayto Spencer Mott, CIO-CISO Amg Dawn Sherizad, product manager of security, Macy Eleanor Dallaway, Editor
More informationSD-WAN. Enabling the Enterprise to Overcome Barriers to Digital Transformation. An IDC InfoBrief Sponsored by Comcast
SD-WAN Enabling the Enterprise to Overcome Barriers to Digital Transformation An IDC InfoBrief Sponsored by Comcast SD-WAN Is Emerging as an Important Driver of Business Results The increasing need for
More informationLeading our discussion today
Defending the Digital Retailer for NRFTech 2014 July 22, 2014 Leading our discussion today Security Leadership and Points of Contact Security and Infrastructure Services Leadership Kevin Richards NA Security
More informationMOBILE SECURITY 2017 SPOTLIGHT REPORT. Information Security PRESENTED BY. Group Partner
MOBILE SECURITY 2017 SPOTLIGHT REPORT Group Partner Information Security PRESENTED BY OVERVIEW Security and privacy risks are on the rise with the proliferation of mobile devices and their increasing use
More informationCreating a Cybersecurity Culture: (ISC)2 Survey Responses
10/3/18 Creating a Cybersecurity Culture: (ISC)2 Survey Responses Dr. Keri Pearlson (ISC)2 Conference October 8, 2018 CAMS - (IC)3 https://cams.mit.edu 1 200,000Security events The average company handles
More information112 th Annual Conference May 6-9, 2018 St. Louis, Missouri
8:30 10:30 May 6, 2018 Room 240 Complex 112 th Annual Conference May 6-9, 2018 St. Louis, Missouri Moderator/Speakers: Kevin Wachtel Finance Director/Treasurer, Villa Park, IL Alex Brown Senior Manager,
More informationCOBIT 5 With COSO 2013
Integrating COBIT 5 With COSO 2013 Stephen Head Senior Manager, IT Risk Advisory Services 1 Our Time This Evening Importance of Governance COBIT 5 Overview COSO Overview Mapping These Frameworks Stakeholder
More informationService. Sentry Cyber Security Gain protection against sophisticated and persistent security threats through our layered cyber defense solution
Service SM Sentry Cyber Security Gain protection against sophisticated and persistent security threats through our layered cyber defense solution Product Protecting sensitive data is critical to being
More informationState of Cloud Survey GERMANY FINDINGS
2011 State of Cloud Survey GERMANY FINDINGS CONTENTS Executive Summary... 4 Methodology... 6 Finding 1: Cloud security is top goal and top concern.................................. 8 Finding 2: IT staff
More informationCYBERSECURITY AND THE MIDDLE MARKET
CYBERSECURITY AND THE MIDDLE MARKET The Importance of Cybersecurity and How Middle Market Companies Manage Cyber Risks IN COLLABORATION WITH 2 Concerns about cybersecurity are not matched by plans. IMPORTANCE
More informationCLEARING THE PATH: PREVENTING THE BLOCKS TO CYBERSECURITY IN BUSINESS
CLEARING THE PATH: PREVENTING THE BLOCKS TO CYBERSECURITY IN BUSINESS Introduction The world of cybersecurity is changing. As all aspects of our lives become increasingly connected, businesses have made
More informationGOVERNMENT IT: FOCUSING ON 5 TECHNOLOGY PRIORITIES
GOVERNMENT IT: FOCUSING ON 5 TECHNOLOGY PRIORITIES INSIGHTS FROM PUBLIC SECTOR IT LEADERS DISCOVER NEW POSSIBILITIES. New network technology is breaking down barriers in government offices, allowing for
More informationBuild confidence in the cloud Best practice frameworks for cloud security
Build confidence in the cloud Best practice frameworks for cloud security Cloud services are rapidly growing and becoming more of a focus for business. It s predicted that more than $1 trillion in IT spending
More informationLes joies et les peines de la transformation numérique
Les joies et les peines de la transformation numérique Georges Ataya CISA, CGEIT, CISA, CISSP, MSCS, PBA Professor, Solvay Brussels School of Economics and Management Academic Director, IT Management Education
More informationCYBER INSURANCE: MANAGING THE RISK
CYBER INSURANCE: MANAGING THE RISK LEON FOUCHE PARTNER & NATIONAL CYBERSECURITY LEAD BDO AUSTRALIA MEMBER OF THE GLOBAL CYBERSECURITY LEADERSHIP GROUP ii CYBER INSURANCE: MANAGING THE RISK There s no doubt
More informationSOLUTION BRIEF RSA ARCHER IT & SECURITY RISK MANAGEMENT
RSA ARCHER IT & SECURITY RISK MANAGEMENT INTRODUCTION Organizations battle growing security challenges by building layer upon layer of defenses: firewalls, antivirus, intrusion prevention systems, intrusion
More informationRun the business. Not the risks.
Run the business. Not the risks. RISK-RESILIENCE FOR THE DIGITAL BUSINESS Cyber-attacks are a known risk to business. Today, with enterprises becoming pervasively digital, these risks have grown multifold.
More informationBuild Your Zero Trust Security Strategy With Microsegmentation
Why Digital Businesses Need A Granular Network Segmentation Approach GET STARTED Overview The idea of a secure network perimeter is dead. As companies rapidly scale their digital capabilities to deliver
More informationWhat It Takes to be a CISO in 2017
What It Takes to be a CISO in 2017 Doug Copley Deputy CISO Sr. Security & Privacy Strategist February 2017 IMAGINE You re the CISO In Bangladesh Of a bank On a Friday when you re closed You realize 6 huge
More informationSecuring Digital Transformation
September 4, 2017 Securing Digital Transformation DXC Security Andreas Wuchner, CTO Security Innovation Risk surface is evolving and increasingly complex The adversary is highly innovative and sophisticated
More informationMOVING MISSION IT SERVICES TO THE CLOUD
MOVING MISSION IT SERVICES TO THE CLOUD About half of civilian agency IT officials report they are now implementing mission support and business systems in the cloud. But a new progress report also highlights
More informationAngela McKay Director, Government Security Policy and Strategy Microsoft
Angela McKay Director, Government Security Policy and Strategy Microsoft Demographic Trends: Internet Users in 2005.ru.ca.is.uk.nl.be.no.de.pl.ua.us.fr.es.ch.it.eg.il.sa.jo.tr.qa.ae.kz.cn.tw.kr.jp.mx.co.br.pk.th.ph.ng.in.sg.my.ar.id.au
More informationCybersecurity Session IIA Conference 2018
www.pwc.com/me Cybersecurity Session IIA Conference 2018 Wael Fattouh Partner PwC Cybersecurity and Technology Risk PwC 2 There are only two types of companies: Those that have been hacked, and those that
More informationSOLUTION BRIEF Virtual CISO
SOLUTION BRIEF Virtual CISO programs that prepare you for tomorrow s threats today Organizations often find themselves in a vise between ever-evolving cyber threats and regulatory requirements that tighten
More informationCyber Security in Timothy Brown Dell Fellow and CTO Dell Security
Cyber Security in 2016 Timothy Brown Dell Fellow and CTO Dell Security 2016 The middle of a perfect storm Technology Driving Innovation Advanced Adversaries Limited Resources Dell Secureworks Underground
More informationLarry Clinton President & CEO (703)
For information about membership opportunities, please contact: Larry Clinton President & CEO lclinton@isalliance.org (703) 907-7028 For more information about the Internet Security Alliance, please visit
More informationGDPR Partner Marketing Campaign Playbook
GDPR Partner Marketing Campaign Playbook GDPR What is it and why it matters? Organizational Impact: Organizations must appoint a Data Protection Officer, train stakeholders on handling personal and sensitive
More informationGlobal Security Consulting Services, compliancy and risk asessment services
Global Security Consulting Services, compliancy and risk asessment services Introduced by Nadine Dereza Presented by Suheil Shahryar Director of Global Security Consulting Today s Business Environment
More informationINSIDE. 2 Introduction 15 Conclusion 4 Cyber: A Top-of-Mind Concern A Message From Morrison & Foerster s Global Privacy & Data Security Chair
INSIDE 1 A Message From Morrison & Foerster s Global Privacy & Data Security Chair 12 Operational Considerations 2 Introduction 15 Conclusion 4 Cyber: A Top-of-Mind Concern 16 7 Privacy: An Area of Growing
More informationPanda Security 2010 Page 1
Panda Security 2010 Page 1 Executive Summary The malware economy is flourishing and affecting both consumers and businesses of all sizes. The reality is that cybercrime is growing exponentially in frequency
More informationBringing Cybersecurity to the Boardroom Bret Arsenault
SESSION ID: CXO-T11 Bringing Cybersecurity to the Boardroom Bret Arsenault Corporate Vice President & CISO Microsoft Security has Transcended from to a an 3 How Microsoft Approaches Security Reinventproductivity
More informationCyber Insurance: What is your bank doing to manage risk? presented by
Cyber Insurance: What is your bank doing to manage risk? David Kitchen presented by Lisa Micciche Today s Agenda Claims Statistics Common Types of Cyber Attacks Typical Costs Incurred to Respond to an
More informationAccelerate Your Enterprise Private Cloud Initiative
Cisco Cloud Comprehensive, enterprise cloud enablement services help you realize a secure, agile, and highly automated infrastructure-as-a-service (IaaS) environment for cost-effective, rapid IT service
More informationForensic analysis with leading technology: the intelligent connection Fraud Investigation & Dispute Services
Forensic Technology & Discovery Services Forensic analysis with leading technology: the intelligent connection Fraud Investigation & Dispute Services Forensic Technology & Discovery Services EY s Forensic
More informationIT Security: Managing a New Reality
IT Security: Managing a New Reality Kevin Lonergan #IDCDirections IDC You re Only as Strong as Your Weakest Link Locks Only Work if you Know How to Use Them IDC 2 Millions Canadian Security Market Forecast:
More informationState of the Cyber Training Market January 2018
State of the Cyber Training Market January 2018 2018 by CYBERBIT 2018 by CYBERBIT Proprietary CYBERBIT Proprietary Cybersecurity Market Worth 202.36 Billion USD by 2021 Marketandmarkets analysis, 2017
More informationCyber Security. It s not just about technology. May 2017
Cyber Security It s not just about technology May 2017 Introduction The Internet has opened a new frontier in warfare: everything is networked and anything networked can be hacked. - World Economic Forum
More informationIT Consulting and Implementation Services
PORTFOLIO OVERVIEW IT Consulting and Implementation Services Helping IT Transform the Way Business Innovates and Operates 1 2 PORTFOLIO OVERVIEW IT Consulting and Implementation Services IT is moving from
More informationBuilding YOUR Privacy Program: One Size Does Not Fit All. IBM Security Services
Building YOUR Privacy Program: One Size Does Not Fit All Justine Gottshall Partner, InfoLawGroup, LLP Chief Privacy Officer, Signal Jgottshall@infolawgroup.com Adam Nelson Executive Consultant Global Data
More information